According to cyber-security researchers Frank Piessens and Mathy Vanhoef from Belgium’s Katholieke Universiteit Leuven, there is a dangerous flaw in the WPA2 protocol which can be exploited by cybercriminals to intercept emails, passwords and other kinds of encrypted data. However, this will be successful only if the attacker is within the range of the vulnerable device or access point.
An attacker can also inject malicious content such as ransomware into a website when a client is visiting. The proof-of-concept of this exploit has been dubbed as KRACK, which is an abbreviation of Key Reinstallation Attacks. The findings of the research were disclosed on Monday followed by an advisory by US-CERT that has been distributed to nearly 100 organizations. In the advisory, it is stated that:
“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven will be publicly disclosing these vulnerabilities on 16 October 2017.”
The vulnerability affects the core WPA2 protocol and devices running Linux, Android and OpenBSD are mainly vulnerable to be exploited while to some extent macOS, MediaTek Linksys and Windows devices are also vulnerable.
According to Sean Gallagher, IT editor at Ars Technica, KRACK performs the attack by targeting the four-way handshake. The handshake is executed when a WPA2-protected network is accessed by a client since the handshake confirms that both client and access points have accurate credentials. KRACK however, tricks the client, which is vulnerable, into reinstalling a key that is already in-use due to which the client is forced to reset packet numbers. In the initial value of these numbers, there is cryptographic nonce and other parameters; KRACK forces the nonce reuse in such a way that encryption is avoided.
Vanhoef reveals that attackers can exploit this vulnerability to decrypt sensitive data including “credit card numbers, passwords, chat messages, emails, photos,” which is usually encrypted through the Wi-Fi encryption protocol. It is important to note that a majority of routers and devices nowadays rely upon WPA2 protocol for the encryption of Wi-Fi traffic.
“The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites,” wrote Vanhoef.
Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse https://t.co/gFrtbou375 and see the paper at https://t.co/iloFCbE8Pv
— Mathy Vanhoef (@vanhoefm) October 16, 2017
However, the researcher noted that the attacker could intercept Some of the traffic traveling between the device and the router. If the traffic is encrypted with HTTPS, then it cannot be intercepted by the attacker. On the other hand, cybercriminals cannot access your password through this traffic and can only perform packet injection with certain devices only if present within the range of the Wi-Fi network.
To protect your device, it is highly important to update all the wireless devices such as routers, laptops, phones, and tablets or whatever device you own with the latest security patches because updating them would prevent KRACK vulnerability. Especially update your router’s firmware and if an ISP has provided it, contact them immediately to update their branded kit or browse through their administration panel. The router manufacturers that have already released fixes for WPA2 protocol include Aruba, Fortinet, Meraki, Microtek, and Ubiquiti.
If your router hasn’t been fixed or a patch is not released then switch to Ethernet and turn off all the functions of wireless until a patch is released. Also, disable Wi-Fi option on your device to make sure that the traffic passes through the Ethernet cable. Or use cellular data on your mobile phone if your device does not has Ethernet port.
Remember that devices running on Android 6.0 and later versions are far more vulnerable to be exploited with this vulnerability than other devices primarily due to the faulty implementation of the handshake mechanism in their Wi-Fi stack. With the successful implementation of KRACK, the attacker can force the device to reinstall an all-zero encryption key instead of the original key.
Vanhoef states that visiting HTTPS-protected websites only is not an appropriate or productive solution to prevent KRACK because various improperly configured websites might be forced into transmitting unencrypted HTTP data.
“Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations. For example, HTTPS was previously bypassed in non-browser software, in Apple’s iOS and OS X, in Android apps again, in banking apps, and even in VPN apps,” noted Vanhoef.
The researcher has also ensured that iOS and Windows-based devices are not vulnerable to severe attacks while Linux and Android devices are most susceptible since attackers can force network decryption on clients within mere seconds without much ado. In this
regard, Vanhoef stated that clients could be patched even while connected to exploitable access points. Linux and Wi-Fi access points patches are already developed, but when they are available for Android users, it is yet unclear.
When asked if the vulnerability would pave the way for a WPA3 standard, Vanhoef explained that implementations could be “patched in a backward-compatible manner,” which means that patched clients can communicate with an unpatched access point or vice versa.
The vulnerability was kept a secret for weeks, and finally, on Monday it was discovered after it was officially disclosed on a Github page owned by Vanhoef and another website krackattack.com. The vulnerability has been indexed as “CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088.”
Vanhoef and Piessens will be presenting the findings via the website krackattacks.com at the ACM Conference on Computer and Communications Security due to be held on November 1st in Dallas. Bleeping Computer has published a complete list of firmware and driver updates for KRACK vulnerability, which can be viewed here.